We performed a comparison between Meraki MX and Sophos XG based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Sophos XG received better user ratings. Although the two solutions are comparable in most areas, Meraki MX lacks a lot of features in comparison with Sophos XG.
"I love the simplicity of Meraki MX — specifically, the simplicity of the dashboard."
"It is very easy to use and manage. It is also very easy to scale."
"It has very good features; it's easy to use, configure, set up, and deploy."
"It has the most advanced security features, for example, layer 3 and layer 7 firewall capabilities and the end team and IPS protection. It also has IPS, and it has very good functioning of cloning services. You don't actually have to touch the device. If you have multiple companies in different countries, you don't really require this device to be touched. You can get it delivered directly to any office of a country, and then you can simply put your configuration over the cloud. It's very simplified and easy to manage. It gives a very good granular visibility about your network. Earlier, a lot of things were lacking in the network. We were unable to identify where the problem was, but after implementing Meraki MX, we are able to dig down and identify where is the problem. We can easily and quickly identify the sources and the root causes of the issues."
"The most valuable feature is that we didn't have any problems with Meraki MX."
"Dual WAN connections are greatly simplified and point-to-point VPNs automatically connect regardless of what WAN connection is active."
"Its ease of configuration and management is very useful for us and for other companies that don't have an onsite IT person. It is easy to configure and easy to manage. It is easy to configure the VPN with the Auto VPN feature."
"In general, Meraki MX is easy to work with."
"It is very user friendly and easy to manage from the administrative point of view. It is good, reliable, and easy to implement."
"This solution is very user-friendly and even a non-professional can configure the policies."
"Sophos is easy to use."
"The two most valuable feature of Sophos XG is, one the option to filter according to different applications and two, the integration with the Active Directory."
"They really work scalability into the solution at the outset."
"Sophos XG Firewall is very usable, very easy to install, and very user friendly."
"A valuable feature involves the solution's manageability."
"In my experience, the solution was easy to use, has lots of features, and is easy to configure."
"From the improvement perspective, we need more monitoring capabilities. We want to have full-based access visibility, such as, what is happening when something is trying to reach and it is denying. We cannot see some parts of it. The integration of active directory with this product is not very fruitful. It has some bugs or lacks in the functionality of active directory integration. We are unable to identify where exactly and whether it has really applied our policy."
"The whole Cisco Meraki range requires easier access for cameras. For a security center, it would be helpful to have easier access to cameras through the portal. Its licensing cost could also be better."
"Meraki tech support staff have a lot more visibility into your network than you do, which is frustrating at times. I understand the approach is to keep the dashboard easier to understand. This will frustrate more advanced users at times."
"As far as what needs to be improved — nothing really comes to mind. It does what we need it to do."
"You can only have one tunnel in the whole infrastructure — one tunnel with one device."
"We have been having a problem with the VPN. When the energy goes down and is back again, the VPN link doesn't get established. We have to manually turn off the modems and other pieces of equipment and manually establish the VPN. It has been around one month since we have been having this problem, and we don't have enough support from Meraki to solve the problem."
"Management can be improved in Meraki MX."
"It would be nice if the different services, including the SIEM SOC and endpoint detection and response (EDR) were integrated into one, so that I don't have to go to different vendors for different services."
"Over the last six months, we have noticed that the hardware is slow, especially the VPN connections."
"Having a web portal where you could make requests for the categorization of non-categorized items, would be beneficial."
"The initial setup, specifically when activating the license, is a nightmare and is quite difficult."
"In the Sophos XG, the SD-WAN has all the rules done separately, such as net policy routing. In the previous version, they were all in a single rule and everything was done that way. The way it is now is difficult for us because we are not used to this newer version. The firewall rules should be easier to configure and create. Everything should be done with a single click."
"Sophos XG's user interface has some room for improvement."
"The solution could be more secure."
"Its price should be improved. It should be cheaper."
"Everything is working as expected at this moment, but the anti-spam solution in Sophos XG needs to be improved. It needs more granular features and more stability. The anti-spam solution currently doesn't have many features, and we would like to have more features. At this moment, there is no expression filter for anti-spam. We need something to be able to filter subjects or attachments in emails based on the keyword. Sometimes, there is an issue with anti-spam, and Sophos XG suddenly stops processing incoming or outgoing emails. The only solution for this issue is to restart the appliance. Their support should be improved. It takes a long time to escalate a support case from level one to level two."
Meraki MX is ranked 1st in Unified Threat Management (UTM) with 16 reviews while Sophos XG is ranked 5th in Firewalls with 146 reviews. Meraki MX is rated 8.2, while Sophos XG is rated 8.0. The top reviewer of Meraki MX writes "Makes it easy to stay on top of everything for security". On the other hand, the top reviewer of Sophos XG writes "Light and stable with excellent real-time control ". Meraki MX is most compared with Fortinet FortiGate, Cisco ASA Firewall, Cisco Firepower NGFW Firewall, Palo Alto Networks NG Firewalls and SonicWall NSa, whereas Sophos XG is most compared with Fortinet FortiGate, pfSense, OPNsense, Palo Alto Networks NG Firewalls and WatchGuard Firebox. See our Meraki MX vs. Sophos XG report.
We monitor all Unified Threat Management (UTM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Meraki is designed for zero deployments and no in-house firewall specialist personnel. Best to secure Networks like remote offices, branches or home offices. Also to protect Internet Access (your computer accesses the internet).
Sophos is more of a professional firewall, not only protecting internet access but also providing security for publishing services like web servers, data centers, central services. They will need a specialist to install and support them. Therefore offer much more sophisticated protection features.
So, you can't really compare these solutions as they are targeting different markets.
Meraki MX is a small business product and lacks a lot of features compared to Sophos XG/XGS.
- IPsec IKEv2 does not work (it is in the menu, but does not work and can only be enabled by meraki support)
- no SSLVPN or IPsec VPN client. AnyConnect can only be tested with beta firmware.
Cisco Client VPN (L2TP) is a total joke - not sure for who it is meant for?
- no user based firewall rules (for VPN)
- no firewall rule grouping
- no masquerade option for DNAT (sometimes it is very useful if I can do a DNAT with masquerade to another subnet)
- no VLAN tagging support on WAN port (would be usable for IPTV - solvable if WAN is bypassed through a managed switch)
- no multiple IP support on WAN port (Sophos has alias support on every interface, which means that multiple IP addresses can be added on the same LAN or WAN port)
- no LAG or LACP support (would be usable to connect aggregation switch to firewall to bypass more traffic through the MX)
- no DAC cable support for SFP port (why I do have to use optical cable to connect aswitch?)
- no custom IPS policies - only on/off button
- no e-mail protection option (Sophos has it with extra license)
- no web server protection (Sophos has it with extra license)
- no sandstorm option (most firewalls have it with extra license)
- hardware may probably too weak compared to the user count
- no BGP, OSPF routing
- no multiple VPN user groups and LDAP servers
Cisco mx64, for example, has 2 WANs, is very practical and simple for the two services, has a balancing for two internet services and bandwidth control (by groups and users).